php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #35886 file_get_contents() fails with some combinations of offset & maxlen
Submitted: 2006-01-03 20:01 UTC Modified: 2006-06-05 23:13 UTC
Votes:7
Avg. Score:5.0 ± 0.0
Reproduced:3 of 3 (100.0%)
Same Version:1 (33.3%)
Same OS:2 (66.7%)
From: chris at lodesys dot com Assigned: wez (profile)
Status: Closed Package: Streams related
PHP Version: 5CVS-2006-01-03 (snap) OS: win32 only
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: chris at lodesys dot com
New email:
PHP Version: OS:

 

 [2006-01-03 20:01 UTC] chris at lodesys dot com
Description:
------------
This one is weird.  For some value of offset & maxlen, file_get_contents will fail and crash PHP. (I'm running under Apache 1.3.34 and get a Dr. Watson).  The combination may have something to do with offset + maxlen just above 4096, but even that's not consistant.

Reproduce code:
---------------
$x = file_get_contents("C:/php/news.txt", FALSE, NULL, 500, 3596);  // WORKS

$x = file_get_contents("C:/php/news.txt", FALSE, NULL, 500, 3597);  // FAILS

$x = file_get_contents("C:/php/news.txt", FALSE, NULL, 500, 4096);  // FAILS

$x = file_get_contents("C:/php/news.txt", FALSE, NULL, 500, 4097);  // WORKS


$x = file_get_contents("C:/php/news.txt", FALSE, NULL, 1000, 4096);  // FAILS

$x = file_get_contents("C:/php/news.txt", FALSE, NULL, 1000, 4097);  // WORKS

$x = file_get_contents("C:/php/news.txt", FALSE, NULL, 0, 4096);  // WORKS

$x = file_get_contents("C:/php/news.txt", FALSE, NULL, 0, 4097);  // WORKS


Expected result:
----------------
All combinations of offset & maxlen should work as news.txt is 74 KB long. 

Actual result:
--------------
PHP fails in some instances (see above) with Dr. Watson reporting "Application exception occurred: App:  (pid=1828)[apache.exe] Exception number: c0000005 (access violation)"

Using 

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-01-05 00:26 UTC] nlopess@php.net
OK, back from the school exams, the problem seems to be in php_stdiop_set_option(), because it is allocating one less byte than it should. (and that mmap code is specific for windows).

I'll try to investigate the problem further and produce a patch.
 [2006-01-05 02:21 UTC] nlopess@php.net
OK, the problem is in the MapViewOfFile() call in php_stdiop_set_option(), because it is mapping less data than we've asked.
It seems a windows problem to me, but I'm leaving open because this can be a serious bug (although I'm not able to fix it..).
 [2006-02-08 00:50 UTC] iliaa@php.net
How big is the file?
 [2006-02-08 02:23 UTC] chris at lodesys dot com
The example test file is C:/php/news.txt (part of the PHP Windows distribution).  It is 74 KB (75,800 bytes).  Was having problems with files larger than that (say up to 170 KB).  Didn't test with extra large files.
 [2006-02-23 07:21 UTC] ninive at gmx dot at
Please fix this critical bug.
 [2006-03-02 22:50 UTC] piecia2000 at tlen dot pl
Temporary solution (slighty slower):

  $fd = fopen($filename, "rb");
  fseek($fd, $offset);
  $file = fread($fd, $size);
  fclose($fd);

please fix file_get_contents(),
 [2006-06-05 23:13 UTC] nlopess@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Edink applied the patch to PHP 5.2 and 6. Thanks!
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 07 22:01:27 2024 UTC